sdn and the hidden nature of complexity (a whirlwind tour through the nature of complex networks)
TRANSCRIPT
1
SDN and the Hidden Nature of Complexity
(a whirlwind tour through the nature of complex networks)
David MeyerCTO and Chief Scientist, Brocade
Director, Advanced Technology Center, University of OregonMPLS/SDN 2013Washington, DC
dmm@{brocade.com,uoregon.edu,1-4-5.net,…}http://www.1-4-5.net/~dmm/talks/mpls_sdn_2013.pdf
2
Agenda
• Goals/Premise/Thesis
• Macro Trends?
• Robustness, Fragility, and Complexity– And what does this have to do with SDN?
• Universal Architectural Principles
• A Few Conclusions and Q&A if we have time
3
Goal of this Talk
To open up our thinking about what the essential architectural features of our network are, how these features combine to provide robustness (and its dual, fragility), and how the universal architectural features we find in both technological and biological networks effect Internet robustness.
4
PremiseBiological and advanced technological systems are robust and evolvable even in the face of large changes in environment and system components, yet can simultaneously be extremely fragile to small perturbations.
This Robust Yet Fragile (RYF) complexity is found wherever we look. Remarkably, a key feature of such RYF-complex systems is that it is the same universal architectural features that makes these systems robust and evolvable also creates severe, even catastrophic fragilities to tail events.
5
Thesis
Advanced technological networks and biology exhibit striking similarity (convergence1) at “higher” levels of organization.
As such there is a lot we as network engineers can learn from the study of networking in other domains. This is particularly true when thinking about how protocols are deployed and why some are hard to change.
So what are Robustness, Fragility, and Complexity, and how can they inform design and operation of our networks?
1 Why should this be?
6
What is Complexity?
“In our view, however, complexity is most succinctly discussed in terms of functionality and its robustness. Specifically, we argue that complexity in highly organized systems arises primarily from design strategies intended to create robustness to uncertainty in their environments and component parts.”
See Alderson, D. and J. Doyle, “Contrasting Views of Complexity and Their Implications For Network-Centric Infrastructures”, IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART A: SYSTEMS AND HUMANS, VOL. 40, NO. 4, JULY 2010
7
Robustness vs. Complexity
Increasing number of policies, protocols, configurations and interactions (well, and code)
Domain of the Fragile
Domain of the Robust
A syste
m needs complexity
to achieve ro
bustness
Biology and technology
Another way to look at the CR Boundary
Robustness
Complexity
Biology and technology
Physics
simple hard
robust
fragile
Bummer
Original slide courtesy John Doyle
9
So what are Robustness and Fragility?
• Definition: A [property] of a [system] is robust if it is [invariant] with respect to a [set of perturbations], up to some limit– Robustness is the preservation of a certain property in the presence of uncertainty in components or the
environment
• Fragility is the opposite of robustness– If you're fragile you depend on 2nd order effects (acceleration) and the “harm” curve is concave– A little more on this later…
• A system can have a property that is robust to one set of perturbations and yet fragile for a different property and/or perturbation the system is Robust Yet Fragile– Or the system may collapse if it experiences perturbations above a certain threshold (K-fragile)
• For example, a possible RYF tradeoff is that a system with high efficiency (i.e., using minimal system resources) might be unreliable (i.e., fragile to component failure) or hard to evolve– Another example: VRRP provides robustness to failure of a router/interface, but introduces fragilities in
the protocol/implementation– Complexity/Robustness Spirals
See Alderson, D. and J. Doyle, “Contrasting Views of Complexity and Their Implications For Network-Centric Infrastructures”, IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART A: SYSTEMS AND HUMANS, VOL. 40, NO. 4, JULY 2010
10
Robust Yet FragileRYF Examples
Efficient, flexible metabolism Complex development and Immune systems Regeneration & renewal Complex societies Advanced technologies
Obesity and diabetes Rich microbe ecosystem Inflammation, Auto-Im. Cancer Epidemics, war, … Catastrophic failures
• “Evolved” mechanisms for robustness allow for, even facilitate, novel, severe fragilities elsewhere
• Often involving hijacking/exploiting the same mechanism– We’ve certainly seen this in the Internet space (consider DDOS of various varieties)
• These are hard constraints (i.e., RYF behavior is conserved)
11
System features cast as Robustness
• Scalability is robustness to changes to the size and complexity of a system as a whole
• Evolvability is robustness of lineages to changes on various (usually long) time scales
• Other system features cast as robustness– Reliability is robustness to component failures– Efficiency is robustness to resource scarcity– Modularity is robustness to component rearrangements
• BTW, what are the features we’re seeking from SDN/NFV/Cloud?
12
Brief Aside: Fragility and Scaling (geeking out for a sec…)
• A bit of a formal description of fragility– Let z be some stress level, p some property, and – Let H(p,z) be the (negative valued) harm function– Then for the fragile the following must hold
• H(p,nz) < nH(p,z) for 0 < nz < K
• For example, a coffee cup on a table suffers non-linearly more from large deviations (H(p, nz)) than from the cumulative effect of smaller events (nH(p,z)) – So the cup is damaged far more by tail events than those within a few σ of the mean– Too theoretical? Perhaps, but consider: ARP storms, micro-loops, congestion collapse, AS 7007, …– BTW, nature requires this property
• Consider: jumping off something 1 foot high 30 times vs. jumping off something 30 feet high once
• When we say something scales like O(n2), what we mean is the damage to the network has constant acceleration (2) for weird enough n (e.g., outside say, 5 σ)– Again, ARP storms, congestion collapse, AS 7007, DDOS, … non-linear damage
Idea courtesy Nassim Taleb, see http://www.fooledbyrandomness.com/
13
So….
• Turns out that managing/understanding RYF behavior is the most essential challenge in technology, society, politics, ecosystems, medicine, etc. This means…– Managing spiraling complexity/fragility– Not predicting what is likely or typical – But rather understanding what is catastrophic (though perhaps rare)– understanding the hidden nature of complexity
• BTW, it is much easier to create the robust features than it is to prevent the fragilities– In addition, there are poorly understood “conservation laws” at work
• Thesis redux: Our technology (Internet) has reached a stage of ubiquity and complexity such that we face these same challenges – And what is the effect of s/w oriented technologies s/a SDN/NFV/Cloud?– Increasing feedback, variability, spiraling complexity Classic RYF
• and the nature of software itself (and how we build it)
Components and materials
Systems requirements: functional, efficient,robust, evolvable,
scalable
System and architecture
Perturbations
Perturbations
Robust yet fragile
fan-in of diverse
inputs
fan-out of diverse
outputs
Diversefunction
Diversecomponents
UniversalControl
Universal Architectural Principles
• Hourglasses for layering of control• Bowties for flows within layers
BowtieH
ourg
lass
Slide courtesy John Doyle
Universal Carriers
16
Ok, Key Architectural Takeaways?
• What we have learned is that there are universal architectural building blocks found in systems that scale and are evolvable. These include
– RYF complexity
– Bowtie/Hourglass architectures
– Protocol Based Architectures
– Massively distributed with robust control loops• Contrast optimal control loops and hop-by-hop control
– Highly layered• But with layer violations, e.g., Internet, overlay virtualization
– Degeneracy
17
Bowties 101 Constraints that Deconstrain
Schematic of a “Layer”
For example, the reactions and metabolites of coremetabolism, e.g., ATP metabolism, Krebs/Citric AcidCycle, … form a “metabolic knot”. That is, ATP is a Universal Carrier for cellular energy.
See Kirschner M., and Gerhart J., “Evolvability”, Proc Natl Acad Sci USA , 95:8420–8427, 1998.
1. Processes L-1 information and/or raw material flows into a “standardized” format (the L+1 abstraction)2. Provides plug-and-play modularity for the layer above3. Provides robustness but at the same time fragile to attacks against/using the standardized interface
18
But Wait a SecondAnything Look Familiar?
The Protocol Hourglass idea appears to have originated with Steve Deering. See Deering, S., “Watching the Waist of the Protocol Hourglass”, IETF 51, 2001, http://www.iab.org/wp-content/IAB-uploads/2011/03/hourglass-london-ietf.pdf. See also Akhshabi, S. and C. Dovrolis, “The Evolution of Layered Protocol Stacks Leads to an Hourglass-Shaped Architecture”, http://conferences.sigcomm.org/sigcomm/2011/papers/sigcomm/p206.pdf.
Bowtie Architecture Hourglass Architecture
Layering of Control
The Nested Bowtie/Hourglass Architecture of the Internet
19
Flows within Layers
IP PacketsConnectionsDatagramsPorts
TCP/UDP
ConnectionsDatagramsPorts
RESTHTTP(S)
REST
Layering of Control/Abstractions
HTTP BowtieInput: Ports, Datagrams, ConnectionsOutput (abstraction): RESTTCP/UDP Bowtie Input: IP PacketsOutput (abstraction): Ports, Datagrams, Connections
20
NDN Hourglass
See Named Data Networking, http://named-data.net/
In Practice Things are More ComplicatedThe Nested Bowtie/Hourglass Architecture of Metabolism
See Csete, M. and J. Doyle, “Bow ties, metabolism and disease”, TRENDS in Biotechnology, Vol. 22 No. 9, Sept 2004
• Each layer is abstracted as an optimization problem• Operation of a layer is a distributed solution• Results of one problem (layer) are parameters of others• Timescale separation (operate at different timescales)
Xx
pcRx
xUi
iix
)( tosubj
)( max0
BTW, we can look at layering as optimization decomposition
application
transport
network
link
physical
Application: utility
IP: routing Link: scheduling
Phy: power
So…Biology vs. the Internet
Similarities• Evolvable architecture• Robust yet fragile• Layering, modularity• Hourglass with bowties • Dynamics• Feedback• Distributed/decentralized• Not scale-free, edge-of-
chaos, self-organized criticality, etc
Differences• Metabolism• Materials and energy • Autocatalytic
feedback• Feedback complexity• Development and
regeneration• > 3B years of
evolutionAn Autocatalytic Reaction is one in whichat least one of the reactants is also a product.The rate equations for autocatalytic reactionsare fundamentally non-linear.
24
Summary/Conclusions
• Robust systems “might be” intrinsically hard to understand– RYF complexity is an inherent property of complex technology– Software (e.g., SDN, NFV, Cloud, …) exacerbates the situation– And the Internet has reached an unprecedented level of complexity…
• Nonetheless, many of our goals for the Internet architecture revolve around how to achieve robustness…– which requires a deep understanding of the necessary interplay between complexity
and robustness, modularity, feedback, and fragility• which is neither accidental nor superficial
– Rather, architecture arises from “designs” to cope with uncertainty in environment and components
• Understanding these universal architectural features will help us achieve the scalability and evolvability (operability, understandability) we’re seeking from the Internet architecture today– Multi-disciplinary approaches (e.g., Systems Biology) provide a template of how we
might go about this.
25
Q&A
Thanks!